package com.graduate.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.graduate.common.shiro.ShiroUser;
import com.graduate.util.ResponseResult;
import com.graduate.util.StringUtils;



/**
 * 
 * @author Ann
 *
 */

@Controller
public class LoginController extends BaseController {
    
    /**
     * 重定向到首页
     * @return
     */
    @RequestMapping(value="/", method=RequestMethod.GET)
    public String index() {
        return "redirect:/mainFrame";
    }

    /**
     * 请求首页
     * @param model
     * @return
     */
    @RequestMapping(value="/index", method=RequestMethod.GET)
    public String index(Model model) {
        return "mainFrame";
    }

    /**
     * GET请求登录页
     * @return {String}
     */
    @RequestMapping(value="/login", method=RequestMethod.GET)
    public String login() {
        return "login";
    }

    /**
     * POST请求登录----shiro写法
     * @param username 用户名
     * @param password 密码
     * @return {Object}
     */
    @RequestMapping(value="/login", method=RequestMethod.POST)
    @ResponseBody
    public Object loginPost(HttpServletRequest request, HttpServletResponse response,
            String username, String password, String captcha, 
            @RequestParam(value = "rememberMe", defaultValue = "0") Integer rememberMe) {
        logger.info("POST请求登录");
        if (StringUtils.isBlank(username)) {
           return  ResponseResult.createByFailedMsg("用户名不能为空！");
            }
        if (StringUtils.isBlank(password)) {
           return  ResponseResult.createByFailedMsg("密码不能为空！");
        }   
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
        	/**验证用户名:密码**/
        	subject.login(token);	
        	ShiroUser sUser = (ShiroUser)subject.getPrincipal();   	
        	request.getSession().setAttribute("sUser", sUser);
            return  true;
        } catch (UnknownAccountException e) {
            return  ResponseResult.createByFailedMsg("账号不存在！");
        } catch (DisabledAccountException e) {
            return  ResponseResult.createByFailedMsg("账号未启用！");
        } catch (IncorrectCredentialsException e) {
            return  ResponseResult.createByFailedMsg("密码错误！");
        } catch (Throwable e) {
            return  ResponseResult.createByFailedMsg("其他异常！");
        }
    }

    /**
     * 未授权
     * @return {String}
     */
    @RequestMapping(value="/unauth", method=RequestMethod.GET)
    public String unauth() {
        if (SecurityUtils.getSubject().isAuthenticated() == false) {
            return "redirect:/login";
        }
        return "unauth";
    }

    /**
     * 退出
     * @return {Result}
     */
    @RequestMapping(value="/logout", method=RequestMethod.POST)
    @ResponseBody
    public ResponseResult logout(HttpServletRequest request) {
        logger.info("登出");
        Subject subject = SecurityUtils.getSubject();
        clearUserInfo(request,subject);
        subject.logout();
        return  ResponseResult.createBySuccessCode();
    }
    
   
    @RequestMapping(value="/closeout")
    public void closeout(HttpServletRequest request) {
        Subject subject = SecurityUtils.getSubject();
        clearUserInfo(request,subject);//isrelogin
        subject.logout();
        request.getSession().removeAttribute("sUser");
        System.out.println("close window is logout! ");
    }
    
    /** 
     *@Description 清除用户信息
     */
    private void clearUserInfo(HttpServletRequest request,Subject subject){
    	
        ShiroUser sUser = (ShiroUser)subject.getPrincipal();
        request.getServletContext().removeAttribute(sUser.getUser().getId());
        System.out.println("user is logout! ");
        
    }
    
   
}
